Lead Application Security Engineer

Do you enjoy dealing with the security challenges of a global organization?

Do you enjoy being part of a successful team?

Join our Digital Technology team

We operate at the heart of the digital transformation of our business. From Digital Engineering to enabling employee success, the Digital Technology team is driven to provide the best products and service.

Partner with the best

The Lead Application Security Engineer is a dynamic role requiring knowledge of security, secure development, application security tooling, pen testing and emerging AI/GenAI security risks. The engineer will lead key application security programs, partner with business segments to ensure adherence to secure development standards, and guide teams on application and AI/LLM vulnerability remediation.

In addition, the engineer will be responsible for application security tooling, identifying gaps in existing processes and tools, and enhancing support for development toolsets, including AI-enabled platforms and pipelines.

As a Lead Application Security Engineer, you will be responsible for:

• Collaborate with business segment cybersecurity teams on application security and AI security technology adoption
• Drive best practices and sound design principles through the Secure Software Development Lifecycle (SSDLC) for both traditional and AI-enabled applications
• Educate teams across Baker Hughes Power on secure development best practices, AI/GenAI security risks, tools, and methodologies
• Participate in code reviews across teams to ensure secure coding practices and secure AI model integration
• Manage key application security programs – including Container Security implementation and AI security enablement
• Lead projects to drive the assessment, operationalization, and adoption of new technologies, platforms, tools, and frameworks
• Pentest AI/LLM-based systems
• Drive adoption of practices aligned with OWASP Top 10 for LLM Applications
• Partner with engineering and data teams to ensure secure design, deployment, and monitoring of AI models and services
• and adoption of new technologies, platforms, tools, and frameworks

Fuel your passion

To be successful in this role you will :

• Have a Bachelor's Degree in Computer Science or “STEM” Majors (Science, Technology, Engineering and Math). Have a minimum 8  years of professional experience.
• Have working knowledge of application security services such as SAST, SCA, DAST, Container Security, and AI/GenAI security controls and pentest
• Have experience managing or deploying Container Security solutions and/or securing cloud-native workloads
• Have working knowledge of OWASP Web/API vulnerabilities and OWASP Top 10 for LLM/AI applications, along with compensating controls
• Have experience with Java / NodeJS / Go / PHP / Python / Ruby, with exposure to AI/ML frameworks or integrations (preferred)
• Have Software Development Lifecycle and application security testing experience, including security integration into CI/CD pipelines
• Have working knowledge of source control tools such as GitHub or Azure DevOps
• Have experience with Application Security solutions such as BlackDuck / Checkmarx / Prisma Container Security, and familiarity with AI/ML security tools or platforms is a plus

Work in a way that works for you

We recognize that everyone is different and that the way in which people want to work and deliver at their best is different for everyone too. In this role, we can offer the following flexible working patterns:

• Working flexible hours - flexing the times when you work in the day to help you fit everything in and work when you are the most productive

Working with us

Our people are at the heart of what we do at Baker Hughes. We know we are better when all of our people are developed, engaged and able to bring their whole authentic selves to work. We invest in the health and well-being of our workforce, train and reward talent and develop leaders at all levels to bring out the best in each other.

Working for you

Our inventions have revolutionized energy for over a century. But to keep going forward tomorrow, we know we have to push the boundaries today. We prioritize rewarding those who embrace change with a package that reflects how much we value their input. Join us, and you can expect:

• Contemporary work-life balance policies and wellbeing activities
• Comprehensive private medical care options
• Safety net of life insurance and disability programs
• Tailored financial programs
• Additional elected or voluntary benefits